On November 29, 2024, RxSight, Inc. filed a notice of data breach with the Attorney General of Montana after discovering that an unauthorized party accessed an employee’s email account. In this notice, RxSight explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names and medical information. Upon completing its investigation, RxSight began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from RxSight, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the RxSight data breach. For more information, please see our recent piece on the topic here.
What Caused the RxSight Data Breach?
The RxSight data breach was only recently announced, and more information is expected in the near future. However, RxSight’s filing with the Attorney General of Montana provides some important information on what led up to the breach. According to this source, on May 3, 2024, RXSight detected unusual activity within an employee’s email address related to a SIM swap attack. In response, RxSight reset all passwords and then brought on a team of third-party cybersecurity experts to investigate the incident.
On July 10, 2024, through its investigation, RxSight learned that the unauthorized party responsible for the attack was able to access personal information in the company’s possession.
After learning that sensitive consumer data was accessible to an unauthorized party, RxSight reviewed the compromised files to determine what information was leaked and which consumers were impacted. RxSight completed this process on November 5, 2024. While the breached information varies depending on the individual, it may include your name and medical information.
On November 29, 2024, RxSight sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About RxSight, Inc.
RxSight is a medical technology company specializing in adjustable intraocular lens (IOL) solutions for cataract surgery. Headquartered in Aliso Viejo, California, the company develops and manufactures the RxSight Light Adjustable Lens, the first FDA-approved IOL that allows post-surgical vision adjustments using ultraviolet light treatments. With a focus on innovation in ophthalmology, RxSight provides advanced vision correction technology that enhances patient outcomes and offers greater customization for surgeons. The organization employs approximately 374 people and generates an estimated $115 million in annual revenue.
